Social Engineering
And cyber security
Why does this matter?
Why does this matter?
Why does this matter?
A (very) brief history of hacking
Predominantly for good!
❣️
UNIX came from hacking
🎉
1960s
A (very) brief history of hacking
First actual hackers!
👩💻
1970s
A (very) brief history of hacking
More computers => more hackers
☎️
FBI investigate NCSS hack
🕵️♂️
Computer viruses - Worms + trojan horses
🦠
Countries pass cyber security laws
✍️
1980s
A (very) brief history of hacking
High profile malicious hacks
🚔
Coorporate espionage
👨🏻💼
Digital bank heist
🏦
1990s
A (very) brief history of hacking
Commoditisation of hacking
🏭
Every big name suffered ddos
🌐
ISS hacked
🛰
2000s
How we protect ourself
Regular penetration testing
🕵️♂️
OWASP top 10
📜
Infrastructure hardening
🛠
Using high quality well tested standards
✍️
How we protect ourself
So we're safe... right?
So we're safe... right?
Social engineering
Social engineering
Social engineering
Social engineering
Exploits...
Authority
Liking
Obligation
Reciprocation
Social Validation
Scarcity
Social engineering - common vectors
Phishing
Social engineering - common vectors
Pretexting
"Hi, I'm calling about your account with X, I just need to confirm some things about your recent order. I just need to confirm your identity - could you please tell me your date of birth...?"
Social engineering - common vectors
Baiting
Social engineering - common vectors
Tailgating
Why are we talking about this now?
Why are we not more worried?
How can we prevent social engineering attacks?
Be mindful + skeptical
☎️
Never give out sensitive info
📜
Use a password manager and MFA
📋
If you're unsure if you should/can do something then check with someone else
✍️
Quick checklist
Am I using common sense?
🤔
Am I being put on the spot
🎯
Do I even know who this person is?
🕵️
Is this too much information?
📊
Security
By hewingram
